def post(self):
uuid = self.get_argument('uuid', '')
want_remove = self.get_argument('want_remove', '')
if not uuid:
message = xtjson.json_params_error(message=u'必须指定文件uuid!')
self.write(message)
else:
file = File.by_field_first(uuid=uuid)
if not file:
message = xtjson.json_params_error(message=u'没有找到该文件!')
self.write(message)
else:
if not file.is_removed:
if want_remove == '1':
file.is_removed = True
self.db.commit()
self.write(xtjson.json_result())
else:
message = xtjson.json_params_error(
message=u'该文件没有被删除,无需取消删除!')
self.write(message)
else:
if want_remove == '0':
file.is_removed = False
self.db.commit()
self.write(xtjson.json_result())
else:
message = xtjson.json_params_error(
message=u'该文件已删除,无需重复删除!')
self.write(message)
def star_post():
form = StarpostForm(request.form)
if form.validate():
post_id = form.post_id.data
is_star = form.is_star.data
postmodel = Post.query.get(post_id)
starpostmodel = PoststarsModel.query.filter_by(
post_id=post_id, author_id=flask.g.front_user.id).first()
if is_star:
if starpostmodel:
return xtjson.json_params_error(message=u'您已对该帖子已经点过赞!')
starpostmodel = PoststarsModel()
starpostmodel.author = flask.g.front_user
starpostmodel.post = postmodel
db.session.commit()
return xtjson.json_result()
else:
if starpostmodel:
db.session.delete(starpostmodel)
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=u'您还没有该帖子点赞,无需取消点赞操作')
else:
return xtjson.json_params_error(message=form.error_message())
def star_post():
form = StarPostForm(flask.request.form)
if form.validate():
post_id = form.post_id.data
is_star = form.is_star.data
post_model = PostModel.query.get(post_id)
star_model = PostStarModel.query.filter_by(
author_id=flask.g.front_user.id, post_id=post_id).first()
if is_star:
# 要从数据库中查找一下,当前这个点赞是否存在,如果不存在,就添加,否则就提示已经点赞了
if star_model:
return xtjson.json_params_error(message=u'您已经给这篇帖子点赞了,无需再点!')
star_model = PostStarModel()
star_model.author = flask.g.front_user
star_model.post = post_model
db.session.add(star_model)
db.session.commit()
return xtjson.json_result()
else:
if star_model:
db.session.delete(star_model)
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=u'你尚未对该帖子进行点赞!')
else:
return xtjson.json_params_error(message=form.get_error())
def post_star():
form = FrontPostStarForm(flask.request.form)
if form.validate():
post_id = form.post_id.data
is_star = form.is_star.data
post_model = PostModel.query.get(post_id)
star_model = PostStarModel.query.filter_by(
author_id=flask.g.front_user.id, post_id=post_id).first()
if is_star:
if star_model:
return xtjson.json_params_error(message=u'已点赞,无需再赞')
star_model = PostStarModel()
star_model.author = flask.g.front_user
star_model.post = post_model
# 点赞一次加star_up_points个积分
flask.g.front_user.points += constants.STAR_UP_POINTS
db.session.add(star_model)
db.session.commit()
return xtjson.json_result()
else:
if star_model:
# 取消点赞一次扣除star_up_points个积分
flask.g.front_user.points -= constants.STAR_UP_POINTS
db.session.delete(star_model)
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=u'你尚未点赞')
else:
return xtjson.json_params_error(message=form.get_error())
def post_star():
form = PostStarForm(flask.request.form)
if form.validate():
post_id = form.post_id.data
is_star = form.is_star.data
post_model = PostModel.query.get(post_id)
star_model = PostStarModel.query.filter_by(
author_id=flask.g.front_user.id, post_id=post_id).first()
# 如果表单中获取到点赞的信息,再去判断数据库中这个点赞是否存在,若存在,则提示已点赞,否则添加
if is_star:
if star_model:
return xtjson.json_params_error(message=u'您已经给这篇帖子点赞了,无需再点!')
star_model = PostStarModel()
star_model.author = flask.g.front_user
star_model.post = post_model
db.session.add(star_model)
db.session.commit()
return xtjson.json_result()
else:
# 如果表单中不存在点赞的信息,再去数据库中查是否存在,如果存在就将它删掉,若不存在就是还没有点赞
if star_model:
db.session.delete(star_model)
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=u'你尚未对该帖子进行点赞!')
else:
return xtjson.json_params_error(message=form.get_error())
def add_cmsuser():
if flask.request.method == 'POST':
form = CMSAddUserForm(flask.request.form)
if form.validate():
username = form.username.data
email = form.email.data
roles = flask.request.form.getlist('roles[]')
user = CMSUser(username=username, email=email, password='******')
if roles:
for role_id in roles:
role = CMSRole.query.filter_by(id=role_id).first()
user.roles.append(role)
db.session.add(user)
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=u'请最少选择一种分组!')
else:
return xtjson.json_result(message=form.get_error())
else:
context = {
'roles': CMSRole.query.all(),
}
return render_template('cms/supermanage/cms_addcmsuser.html',
**context)
def post(self):
form = FrontLoginForm(request.form)
next = request.args.get('next', '/')
if form.validate():
return xtjson.json_result(data=next)
else:
return xtjson.json_params_error(message=form.get_error())
def settings():
if flask.request.method == 'GET':
return render_template('front/front_settings.html')
else:
form = SettingsForm(flask.request.form)
if form.validate():
username = form.username.data
realname = form.realname.data
qq = form.qq.data
avatar = form.avatar.data
signature = form.signature.data
gender = form.gender.data
# 用户登录之后只要获取当前用户的信息,然后就可以直接传入数据
user_model = flask.g.front_user
# 只有用户名是必填项,其他可以不填,所以需要判断,而性别是有默认选项
user_model.username = username
user_model.gender = gender
if realname:
user_model.realname = realname
if qq:
user_model.qq = qq
if avatar:
user_model.avatar = avatar
if signature:
user_model.signature = signature
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=form.get_error())
def update_profile(request):
"""
更新用户信息
1. 更新头像(avatar)
2. 更新用户名(username)
"""
form = UpdateProfileForm(request.POST)
if form.is_valid():
print request.POST
avatar = form.cleaned_data.get('avatar', None)
username = form.cleaned_data.get('username', None)
# user = request.user
user = User.objects.all().first() # 中间件设置当前的user到request上
user.username = username
user.save()
# 1.如果CmsUser这个表里已经有数据和user对应了,就直接更新
cmsuser = CmsUser.objects.filter(user__pk=user.pk).first()
if not cmsuser:
# 2.如果CmsUser这个表里没有数据和user对应,就应该新建,然后保存进去
cmsuser = CmsUser(avatar=avatar, user=user)
else:
cmsuser.avatar = avatar
cmsuser.save()
return xtjson.json_result()
else:
return form.get_error_response()
def article_list(request, category_id=0, page=1):
categoryId = int(category_id)
currentPage = int(page)
start = (currentPage - 1) * settings.NUM_PAGE
end = start + settings.NUM_PAGE
articles = ArticleModel.objects.all()
topArticle = None
# 如果是处在所有文章界面,那么首先需要获取三篇置顶文章
# 再获取其他的文章,应该排除置顶的文章
if categoryId > 0:
articles = articles.filter(
category__pk=categoryId).order_by('-release_time')
else:
topArticle = articles.filter(
top__isnull=False).order_by('-top__create_time')
articles = articles.filter(top__isnull=True).order_by('-release_time')
articles = list(articles.values()[start:end])
# model_to_dict(articleModel) ---> 将模型转换成字典
context = {'articles': articles, 'c_page': currentPage}
if request.is_ajax():
return xtjson.json_result(data=context)
else:
context['categorys'] = CategoryModel.objects.all()
context['top_articles'] = topArticle
context['c_category'] = CategoryModel.objects.filter(
pk=category_id).first()
return render(request, 'front_article_list.html', context)
def edit_cms_user():
if flask.request.method == 'GET':
user_id = flask.request.args.get('user_id')
if not user_id:
return flask.abort(404)
user = CMSUser.query.get(user_id)
roles = CMSRole.query.all()
current_roles = [role.id for role in user.roles ]
context = {
'user' : user,
'roles' : roles,
'current_roles' : current_roles
}
return flask.render_template('cms/cms_editcmsuser.html', **context)
else:
user_id = flask.request.form.get('user_id')
if not user_id:
return xtjson.json_params_error(message=u'用户不存在')
roles = flask.request.form.getlist('roles[]')
if not roles:
return xtjson.json_params_error(message=u'必须最少指定一个分组')
user = CMSUser.query.get(user_id)
user.roles[:] = []
for role_id in roles:
role_model = CMSRole.query.get(role_id)
user.roles.append(role_model)
db.session.commit()
return xtjson.json_result()
def telphone_captcha():
telphone = flask.request.args.get('telphone')
if not telphone:
return xtjson.json_params_error(message=u'请输入手机号码!')
if xtcache.get(telphone):
return xtjson.json_params_error(message=u'该手机号码已经申请过验证码,请在10分钟后再试!')
telphone_captcha = xtcaptcha.Captcha.gene_text()
xtcache.set(telphone,telphone_captcha,timeout=600) # 10分钟过期
app_key = ''
app_secret = ''
req = top.setDefaultAppInfo(app_key,app_secret)
req = top.api.AlibabaAliqinFcSmsNumSendRequest()
req.extend = ""
req.sms_type = 'normal'
req.sms_free_sign_name = 'python论坛'
req.sms_param = "{code:'%s'}" % telphone_captcha
req.rec_num = telphone.decode('utf-8').encode('ascii')
req.sms_template_code = 'SMS_37105066'
try:
resp = req.getResponse()
return xtjson.json_result()
except Exception,e:
return xtjson.json_params_error(message=u'短信发送太频繁')
def post_addcomment():
if flask.request.method == 'GET':
post_id = flask.request.args.get('post_id', type=int)
comment_id = flask.request.args.get('comment_id', type=int)
context = {'post': PostModel.query.get(post_id)}
if comment_id:
context['origin_comment'] = CommentModel.query.get(comment_id)
return flask.render_template('front/front_addcomment.html', **context)
else:
form = FrontAddCommentForm(flask.request.form)
if form.validate():
# 先判断该用户是否满足COMMENT_ALLOW_POINTS个积分
if flask.g.front_user.points < constants.COMMENT_ALLOW_POINTS:
message = u'您必须达到%s个积分才能评论!' % constants.COMMENT_ALLOW_POINTS
return xtjson.json_params_error(message=message)
post_id = form.post_id.data
content = form.content.data
comment_id = form.comment_id.data
comment_model = CommentModel(content=content)
comment_model.author = flask.g.front_user
post_model = PostModel.query.get(post_id)
comment_model.post = post_model
if comment_id:
origin_comment = CommentModel.query.get(comment_id)
comment_model.origin_comment = origin_comment
# 评论一次加comment_up_points个积分
flask.g.front_user.points += constants.COMMENT_UP_POINTS
db.session.add(comment_model)
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=form.get_error())
def mail_captcha():
# 生成验证码
email = flask.request.args.get('email')
if xtcache.get(email):
return xtjson.json_params_error('该邮箱已经发送验证码了!')
captcha = Captcha.gene_text()
# 给请求修改邮箱的用户发送邮箱验证码
# if xtmail.send_mail(subject='DUDU论坛邮箱验证码', receivers=email, body='邮箱验证码:'+captcha):
# # 1.为了下次可以验证邮箱和验证码
# # 2.为了防止用户不断的刷这个接口
# xtcache.set(email,captcha)
# return xtjson.json_result()
# else:
# return xtjson.json_server_error()
celery_send_mail.delay(subject='DUDU论坛邮箱验证码',
receivers=email,
body='邮箱验证码:' + captcha)
return xtjson.json_result()
def settings():
if flask.request.method == 'GET':
return flask.render_template('front/front_settings.html')
else:
form = SettingsForm(flask.request.form)
if form.validate():
username = form.username.data
realname = form.realname.data
qq = form.qq.data
avatar = form.avatar.data
signature = form.signature.data
user_model = flask.g.front_user
user_model.username = username
if realname:
user_model.realname = realname
if qq:
user_model.qq = qq
if avatar:
user_model.avatar = avatar
if signature:
user_model.signature = signature
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=form.get_error())
def chart_trade_contrast_chart():
data = [
dict(name='2015年报关情况', data=[12472, 6545, 19017]),
dict(name='2016年报关情况', data=[9502, 6921, 16423])
]
return xtjson.json_result(data=data)
def add_cms_user():
if flask.request.method == "GET":
roles = CMSRole.query.all()
context = {
'roles': roles
}
return flask.render_template('cms/cms_addcmsuser.html', **context)
else:
form = CMSAdduserForm(flask.request.form)
if form.validate():
username = form.username.data
email = form.email.data
password = form.password.data
roles = flask.request.form.getlist('roles[]')
print roles
if not roles:
return xtjson.json_params_error(message=u'必须最少指定一个分组!')
user = CMSUser(username=username,email=email,password=password)
for role_id in roles:
role = CMSRole.query.get(role_id)
role.users.append(user)
if email == CMSUser.query.filter_by(email=email).first():
return xtjson.json_params_error(message=u'该CMS用户已经存在,请勿重复添加!')
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=form.get_error())
def post(self,request):
form=cf.CMSAddPostForm(request.POST)
form.set_request(request)
if not form.is_valid():
return xtjson.json_params_error(message=form.get_error())
else:
title=form.cleaned_data.get('title')
tags=request.POST.getlist('tags[]')
content=form.cleaned_data.get('content')
thumbnail=form.cleaned_data.get('thumbnail')
data=dict(title=title,content=content)
if thumbnail:
data.update(thumbnail=thumbnail)
else:
content='<p><img src="{}" alt=""></p>{}'.format(DEFAULT_THUMBNAIL,content)
data['content']=content
article=bm.Article(**data)
user=request.cms_user
article.author=user
for tag_id in tags:
tag=bm.Tag.objects.filter(id=tag_id).first()
if tag:
article.tags.append(tag)
article.save()
tag.articles.append(article)
tag.save()
user.articles.append(article)
user.save()
return xtjson.json_result(message='帖子发布成功')
def edit_cmsuser():
if request.method == 'GET':
id = request.args.get('user_id')
if id:
user = User.query.get(id)
roles = CMSRoles.query.all()
current_id = [role.id for role in user.roles]
context = {'user': user, 'roles': roles, 'current_id': current_id}
return render_template('cms/edit_cmsuser.html', **context)
else:
return flask.abort
else:
roles = request.form.getlist('roles[]')
user_id = request.form.get('user_id')
if not user_id:
return xtjson.json_params_error(message=u'用户id不存在')
if not roles:
return xtjson.json_params_error(message=u'没有指定角色')
user = User.query.get(user_id)
user.roles[:] = []
for role in roles:
role_model = CMSRoles.query.get(role)
user.roles.append(role_model)
db.session.commit()
return xtjson.json_result()
def artical_list(request, category_id=0, page=1):
categoryId = int(category_id)
currentPage = int(page)
numPage = int(settings.NUM_PAGE)
start = (currentPage - 1) * numPage
end = start + numPage
articals = ArticalModel.objects.all()
topArtical = None
if categoryId > 0:
articals = articals.filter(category_id=categoryId)
else:
topArtical = articals.filter(
top__isnull=False).order_by('-top__opreate_time')
articals = articals.filter(top__isnull=True).order_by('-update_time')
articals = list(articals.values()[start:end])
context = {
'articals': articals,
'c_page': currentPage,
}
if request.is_ajax():
return xtjson.json_result(data=context)
else:
context['categorys'] = CategoryModel.objects.all()
context['top_articals'] = topArtical
context['c_category'] = CategoryModel.objects.filter(
pk=category_id).first()
return render(request, 'front_artical_list.html', context=context)
def add_comment():
if flask.request.method == 'GET':
post_id = flask.request.args.get('post_id', type=int)
comment_id = flask.request.args.get('comment_id', type=int)
context = {'post': PostModel.query.get(post_id)}
if comment_id:
context['origin_comment'] = CommentModel.query.get(comment_id)
return flask.render_template('front/front_addcomment.html', **context)
else:
form = AddCommentForm(flask.request.form)
if form.validate():
post_id = form.post_id.data
content = form.content.data
comment_id = form.comment_id.data
comment_model = CommentModel(content=content)
post_model = PostModel.query.get(post_id)
comment_model.post = post_model
comment_model.author = flask.g.front_user
if comment_id:
origin_comment = CommentModel.query.get(comment_id)
comment_model.origin_comment = origin_comment
db.session.add(comment_model)
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=form.get_error())
def sms_captcha():
telephone = flask.request.args.get('telephone')
if not telephone:
return xtjson.json_params_error(message=u'手机号不能为空!')
p2 = re.compile('^0\d{2,3}\d{7,8}$|^1[3587]\d{9}$|^147\d{8}')
phonematch = p2.match(telephone)
if not phonematch:
return xtjson.json_params_error(message=u'手机号格式错误')
tel = FrontUser.query.filter_by(telephone=telephone).first()
if tel:
return xtjson.json_params_error(message=u'该手机号已被注册,请勿重复注册')
if xtcache.get(telephone):
return xtjson.json_params_error(message=u'验证码已发送,请于1分钟后重新发送')
app_key = constants.ALIDAYU_APP_KEY
app_secret = constants.ALIDAYU_APP_SECRET
req = top.setDefaultAppInfo(app_key, app_secret)
req = top.api.AlibabaAliqinFcSmsNumSendRequest()
req.extend = ""
req.sms_type = 'normal'
req.sms_free_sign_name = constants.ALIDAYU_SIGN_NAME
# 给模版的参数
captcha = Captcha.gene_text()
req.sms_param = "{code:'%s'}" % captcha
req.rec_num = telephone.decode('utf-8').encode('ascii')
req.sms_template_code = constants.ALIDAYU_TEMPLATE_CODE
try:
resp = req.getResponse()
xtcache.set(telephone, captcha)
return xtjson.json_result()
except Exception, e:
print e
return xtjson.json_server_error()
def top_article(request):
# method(GET,POST)
# 参数
# wiki
form = TopArticleForm(request.POST)
if form.is_valid():
uid = form.cleaned_data.get('uid')
articleModel = ArticleModel.objects.filter(pk=uid).first()
if articleModel:
if not articleModel.thumbnail:
return xtjson.json_params_error(message=u'有缩略图的文章才能置顶')
topModel = articleModel.top
if not topModel:
topModel = TopModel()
# 如果存在,也save一下,这样就会更新operate_time了
topModel.save()
articleModel.top = topModel
articleModel.save(update_fields=['top'])
return xtjson.json_result()
else:
return xtjson.json_params_error(message=u'该文章不存在')
else:
return form.get_error_response()
def edit_cmsuser():
# /edit_cmsuser/?user_id=xxx
# /edit_cmsuser/xxx/
if flask.request.method == 'GET':
user_id = flask.request.args.get('user_id')
if not user_id:
flask.abort(404)
user = CMSUser.query.get(user_id)
roles = CMSRole.query.all()
current_roles = [role.id for role in user.roles]
context = {
'user': user,
'roles': roles,
'current_roles': current_roles # 存储当前用户所有的角色id
}
return flask.render_template('cms/cms_editcmsuser.html', **context)
else:
user_id = flask.request.form.get('user_id')
roles = flask.request.form.getlist('roles[]')
if not user_id:
return xtjson.json_params_error(message=u'没有指定id!')
if not roles:
return xtjson.json_params_error(message=u'必须指定一个组!')
user = CMSUser.query.get(user_id)
# 清掉之前的角色信息
user.roles[:] = []
# 添加新的角色
for role_id in roles:
role_model = CMSRole.query.get(role_id)
user.roles.append(role_model)
db.session.commit()
return xtjson.json_result()
def add_artical(request):
if request.method == 'GET':
categorys = CategoryModel.objects.all()
tags = TagModel.objects.all()
data = {'categorys': categorys, 'tags': tags}
return render(request, 'cms_artical.html', data)
else:
form = AddArticalForm(request.POST)
print form.is_valid()
if form.is_valid():
title = form.cleaned_data.get('title')
category = form.cleaned_data.get('category')
desc = form.cleaned_data.get('desc')
thumbnail = form.cleaned_data.get('thumbnail')
content_html = form.cleaned_data.get('content_html')
tags = request.POST.getlist('tags[]')
user = request.user
categoryModel = CategoryModel.objects.filter(pk=category).first()
articalModel = ArticalModel(title=title,
desc=desc,
thumbnail=thumbnail,
content_html=content_html,
author=user,
category=categoryModel)
articalModel.save()
for tag in tags:
tagModel = TagModel.objects.filter(pk=int(tag)).first()
if tagModel:
articalModel.tags.add(tagModel)
return xtjson.json_result()
else:
return form.get_error_response()
def add_comment():
if flask.request.method == 'GET':
post_id = flask.request.args.get('post_id')
post_model = PostModel.query.get(post_id)
# db.session.close()
return flask.render_template('front/front_addcoment.html',
post=post_model)
else:
if flask.g.front_user.points < settings.COMMENT_ALLOW_POINTS:
message = u'你的积分是%s,少于评论需求的%s积分,去发布帖子、写评论和做任务' \
u'挣积分吧~' % (flask.g.front_user.points, settings.COMMENT_ALLOW_POINTS)
return xtjson.json_params_error(message=message)
form = AddCommentForm(flask.request.form)
if form.validate():
post_id = form.post_id.data
content = form.content.data
comment_model = CommentModel(content=content)
post_model = PostModel.query.get(post_id)
comment_model.post = post_model
comment_model.author = flask.g.front_user
# 评论积分+1
comment_model.author.points += 1
db.session.add(comment_model)
db.session.commit()
# db.session.close()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=form.get_error())
def sms_captcha():
telephone = flask.request.args.get('telephone')
# 获取用户名,用于发送短信验证码显示用户名
# username = flask.request.args.get('username')
if not telephone:
return xtjson.json_params_error(message=u'必须指定手机号码!')
if xtcache.get(telephone):
return xtjson.json_params_error(message=u'验证码已发送,请1分钟后重复发送!')
# if not username:
# return xtjson.json_params_error(message=u'必须输入用户名!')
# 阿里大于APP_KEY及APP_SECRET
app_key = constants.APP_KEY
app_secret = constants.APP_SECRET
req = top.setDefaultAppInfo(app_key, app_secret)
req = top.api.AlibabaAliqinFcSmsNumSendRequest()
req.extend = ""
req.sms_type = 'normal'
# 签名名称
req.sms_free_sign_name = constants.SIGN_NAME
# 随即生成字符串
captcha = Captcha.gene_text()
# 设置短信的模板
req.sms_param = "{code:%s}" % captcha
# req.sms_param = "{username:%s,code:%s}" % (username, captcha)
req.rec_num = telephone.decode('utf-8').encode('ascii')
req.sms_template_code = constants.TEMPLATE_CODE
try:
resp = req.getResponse()
xtcache.set(telephone, captcha)
return xtjson.json_result()
except Exception, e:
print e
return xtjson.json_server_error()
def add_post():
if flask.request.method == 'GET':
boards = BoardModel.query.all()
return flask.render_template('front/front_addpost.html', boards=boards)
else:
form = AddPostForm(flask.request.form)
if form.validate():
title = form.title.data
content = form.content.data
board_id = form.board_id.data
post_model = PostModel(title=title, content=content)
# board_model = BoardModel.query.get(board_id).first()
# board_model = BoardModel.query.filter(BoardModel.id == board_id).first()
board_model = BoardModel.query.filter_by(id=board_id).first()
if not board_model:
return xtjson.json_params_error(message=u'没有该模板!')
post_model.board = board_model
post_model.author = flask.g.front_user
# 写帖子积分+2
post_model.author.points += 2
db.session.add(post_model)
db.session.commit()
# db.session.close()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=form.get_error())
def add_cmsuser():
if flask.request.method == 'GET':
roles = CMSRole.query.all()
context = {
'roles': roles
}
return flask.render_template('cms/cms_addcmsuser.html', **context)
else:
form = CMSAddUserForm(flask.request.form)
if form.validate():
email = form.email.data
username = form.username.data
password = form.password.data
roles = flask.request.form.getlist('roles[]')
if not roles:
return xtjson.json_params_error(message=u'必须制定最少一个分组!')
user = CMSUser(email=email, username=username, password=password)
for role_id in roles:
role = CMSRole.query.get(role_id)
role.users.append(user)
# user.roles.append(role)
# db.session.add(user)
# 先 user.roles.append(role),再 db.session.add(user)。因为user没有添加到数据库
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=form.get_error())
def setting():
if flask.request.method == 'GET':
return flask.render_template('front/front_setting.html')
else:
form = SettingsForm(flask.request.form)
if form.validate():
realname = form.realname.data
qq = form.qq.data
head_img = form.head_img.data
gender = form.gender.data
signature = form.signature.data
front_model = flask.g.front_user
if realname:
front_model.realname = realname
if qq:
front_model.qq = qq
if head_img:
front_model.head_img = head_img
if gender:
front_model.gender = gender
if signature:
front_model.signature = signature
db.session.commit()
# db.session.close()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=form.get_error())